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AMENDMENTS TO THE CLAIMS 

This listing of claims replaces all prior versions, and listings, of claims in the 
application. 

1 . (Currently amended) A network security system, comprising a firewall arranged 
between an internal network and an external network, said firewall comprises a first port 
configured at the internal network oriented side of the firewall and a second port configured at 
the external network oriented side of the firewall; wherein 

the network security system further comprises a trusted node arranged between the 
firewall and the external network, which is used to provide a data channel between the internal 

network and external network, and forward the data transported between the internal network 
and external network; and the trusted node comprises a media-stream receiving port used to 
converge the data from the second por t; and 

wherein the trusted node further comprises a data forward unit, which is used to 
forward the data transported between the internal network and the external network, a signaling 
channel selection unit, which is used to select signaling transmission chaimel for transmitting the 
data so as to implement the convergence of signaling, a call channel selection imit. which is used 
to select a media-stream receiving port in the trusted node for communicating with the internal 
network, and a control unit, which is used to control the operations of all the other units . 



2. (Canceled). 
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3. (Previously presented) The network security system according to claim 1, wherein 
the trusted node is designed to support H.323 protocol. 



4. (Currently amended) The network security system according to claim [[2]] i, 
wherein the trusted node is designed to support H.323 protocol. 



5. (Currently amended) The network security system according to claim [[2]] i, 
wherein the signaling channel selection unit adopts 0931 channel for transmitting signaling. 

6. (Currently amended) A network security method of realizing secure 
communication between the internal network and the external network by utilizing a network 
security system, said network security system comprises a firewall arranged between the internal 
network and the external network, a first port and a second port configured at the both sides of 
the firewall, and a trusted node arranged between the firewall and the external network; and 

the trusted node comprises: 

a media-stream receiving port; 

a data forward unit, which is used to forward the data transported between the 
internal network and the external network: 

a signaling channel selection unit, which is used to select signaling 
transmission channel for transmitting the data so as to implement the convergence 
of signaling; 

a call channel selection unit which is used to select a media-stream receiving 
port in the trusted node for communicating with the internal network; and 
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a control unit, which is used to control the operations of all the other units ; 
wherein the network security method comprises the following steps of: 

A. establishing a call connection between the internal network and the external 
network by means of the trusted node; 

B. selecting a media-stream receiving port for communicating with the internal 
network in the trusted node; 

C. the trusted node forwarding the data transported between the internal network and 
the external network, and at the same time, converging the data from the second port by the 
selected media-stream receiving port. 



7. (Previously presented) The network security method according to claim 6, 
wherein the Step B comprises the following: 

Bl. Open Logical Channel signaling being transmitted by the internal network to the 
trusted node; 

B2. the trusted node informing the internal network of the selected media-stream 
receiving port; 

B3. the trusted node transmitting Open Logical Channel signaling to the external 
network to establish a corresponding channel. 



8. (Previously presented) The network security method according to claim 6, 
wherein the Step C comprises the following: 
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CI . the selected media-stream receiving port of the trusted node receiving all the data 
from the internal network, and forwarding the data to the external network; 

C2. the selected media-stream receiving port of the trusted node forwarding the data 
transmitted by the external network to the internal network. 



9. (Previously presented) The network security method according to claim 6, 
wherein the Step A comprises a step of selecting Q931 channel for transmitting signaling. 

10. (Previously presented) The network security method according to claim 6, 
further comprises a step of implementing load balance among a plurality of trusted nodes when 
the data are forwarded. 

1 1 . (Previously presented) The network security method according to claim 7, 
further comprises a step of implementing load balance among a plurality of trusted nodes when 
the data are forwarded. 

12. (Previously presented) The network security method according to claim 8, 
further comprises a step of implementing load balance among a plurality of trusted nodes when 
the data are forwarded. 
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further comprises a step of implementing load balance among a plurality of trusted nodes when 
the data are forwarded. 
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